Every CVE whose affected-product data names Netapp A250 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2020-14305 — CVSS 8.1 (high): An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled…
CVE-2020-8625 — CVSS 8.1 (high): BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which…
CVE-2024-6387 — CVSS 8.1 (high): A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle…
CVE-2021-28952 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when…
CVE-2022-1473 — CVSS 7.5 (high): The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash…
CVE-2024-6119 — CVSS 7.5 (high): Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an…
CVE-2021-25215 — CVSS 7.5 (high): In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview…
CVE-2021-4044 — CVSS 7.5 (high): Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may…
CVE-2022-0778 — CVSS 7.5 (high): The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli…
CVE-2022-1292 — CVSS 7.3 (high): The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some…
CVE-2020-25668 — CVSS 7.0 (high): A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free…
CVE-2020-15436 — CVSS 6.7 (medium): Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of…
CVE-2023-25136 — CVSS 6.5 (medium): OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The…
CVE-2021-31879 — CVSS 6.1 (medium): GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
CVE-2022-1434 — CVSS 5.9 (medium): The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially…
CVE-2019-25013 — CVSS 5.9 (medium): The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR…
CVE-2021-28951 — CVSS 5.5 (medium): An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock)…
CVE-2020-27618 — CVSS 5.5 (medium): The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in…
CVE-2022-1343 — CVSS 5.3 (medium): The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag…
CVE-2020-29374 — CVSS 3.6 (low): An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup)…